Lucene search
+L

37 matches found

GithubExploit
GithubExploit
added 2023/04/24 3:53 p.m.391 views

Exploit for Command Injection in Sophos Web_Appliance

Dork fofa title="Sophos Web Appliance" || app="Sophos-W...

9.8CVSS9.6AI score0.99999EPSS
Exploits10
GithubExploit
GithubExploit
added 2022/05/26 8:19 p.m.504 views

Exploit for Path Traversal in Wso2 Api_Manager

WSO2 Carbon Server CVE-2022-29464 Pre-auth RCE bug CVE-2022-2...

10CVSS9.7AI score0.99999EPSS
Exploits22
GithubExploit
GithubExploit
added 2022/04/26 7:52 a.m.727 views

Exploit for Code Injection in Moodle

CVE-2021-36394-Pre-Auth-RCE-in-Moodle Vulnerability Introd...

9.8CVSS9.8AI score0.07034EPSS
Exploits2
GithubExploit
GithubExploit
added 2022/04/21 2:47 p.m.344 views

Exploit for Path Traversal in Wso2 Api_Manager

WSO2 Carbon Server CVE-2022-29464 Pre-auth R...

10CVSS9.6AI score0.99999EPSS
Exploits22
GithubExploit
GithubExploit
added 2022/04/21 2:47 p.m.368 views

Exploit for Path Traversal in Wso2 Api_Manager

WSO2 Carbon Server CVE-2022-29464 Pre-auth R...

10CVSS9.6AI score0.99999EPSS
Exploits22
GithubExploit
GithubExploit
added 2022/01/13 6:29 a.m.7 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

This is a PoC exploit for CVE-2021-26084, a pre-auth RCE injecti...

9.8CVSS9.3AI score0.99999EPSS
Exploits45
GithubExploit
GithubExploit
added 2021/09/01 3:19 p.m.154 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2021-26084 Proof of concept for CVE-2021-26084. Confluen...

9.8CVSS8.8AI score0.99999EPSS
Exploits45
GithubExploit
GithubExploit
added 2021/08/31 4:33 p.m.179 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2021-26084 CVE-2021-26084 - Confluence Pre-Auth RCE | O...

9.8CVSS8.9AI score0.99999EPSS
Exploits45
Hacker One
Hacker One
added 2021/07/01 6:21 p.m.151 views

U.S. Dept Of Defense: Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464)

RCE is possible thanks to unsafe Java deserialization in the Jato framework used by OpenAM. Impact An unauthenticated, 3rd-party attacker or adversary can execute remote code Supporting Material/References - https://portswigger.net/research/pre-auth-rce-in-forgerock-openam-cve-2021-35464 System...

10CVSS9.6AI score0.99999EPSS
Exploits8
Prion
Prion
added 2021/01/15 8:15 p.m.10 views

Authorization

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not enforce any authentication or authorization checks. This issue may lead to pre-auth RCE. This issue...

7.5CVSS9.4AI score0.54494EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2021/01/13 12:0 a.m.641 views

FiberHome HG6245D Disclosure / Bypass / Privilege Escalation / DoS

Hello, Please find a text-only version below sent to security mailing lists. The complete version on "Multiple vulnerabilities found in FiberHome HG6245D routers" is posted here: https://pierrekim.github.io/blog/2021-01-12-fiberhome-ont-0day-vulnerabilities.html === text-version of the advisory =...

0.5AI score
Exploits0
ThreatPost
ThreatPost
added 2020/08/11 12:9 p.m.7598 views

Researcher Publishes Patch Bypass for vBulletin 0-Day

A security researcher has published proof-of-concept code to outsmart a patch issued last year for a zero-day vulnerability discovered in vBulletin, a popular software for building online community forums. Calling a patch for the flaw a “fail” and “inadequate in blocking exploitation,” Austin-bas...

7.5CVSS9AI score0.99728EPSS
Exploits28References13
Exploit DB
Exploit DB
added 2020/06/04 12:0 a.m.421 views

Cayin Digital Signage System xPost 2.5 - Remote Command Injection

Title: Cayin Digital Signage System xPost 2.5 - Remote Command Injection Author:LiquidWorm Date: 2020-06-04 Vendor: https://www.cayintech.com CVE: N/A !/usr/bin/env python3 Cayin Digital Signage System xPost 2.5 Pre-Auth SQLi Remote Code Execution Vendor: CAYIN Technology Co., Ltd. Product web...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2020/05/21 9:14 a.m.150 views

Exploit for Incorrect Authorization in Qnap Photo_Station

QNAP Pre-Auth Root RCE CVE-2019-7192 CVE-2019-7195 Checker...

10CVSS9.6AI score0.89681EPSS
Exploits12
Packet Storm
Packet Storm
added 2020/03/15 12:0 a.m.155 views

Zyxel CNM SecuManager 3.1.0 / 3.1.1 Hardcoded Keys / XSS / Code Execution

Hello, Please find a text-only version below sent to security mailing lists. The HTML version on "Multiple vulnerabilities found in Zyxel CNM SecuManager" is posted here: https://pierrekim.github.io/blog/2020-03-09-zyxel-secumanager-0day-vulnerabilities.html === text-version of the advisory ===...

0.1AI score
Exploits0
GithubExploit
GithubExploit
added 2019/09/26 3:27 a.m.161 views

Exploit for Code Injection in Vbulletin

PoC exploit for CVE-2019-16759, an RCE vulnerability in vBulleti...

9.8CVSS10AI score0.99728EPSS
Exploits27
Hacker One
Hacker One
added 2019/05/28 7:53 a.m.342 views

X (Formerly Twitter): Potential pre-auth RCE on Twitter VPN

Hi, weOrange Tsai and Meh Chang are the security research team from DEVCORE. Recently, we are doing a research about SSL VPN security, and found several critical vulnerabilities on Pulse Secure SSL VPN! We have reported to vendor and patches have been released on 2019/4/25. Since that, we keep...

7.5CVSS9AI score0.99999EPSS
Exploits38
Rows per page
Query Builder